This is, unfortunately, a major area where privacy and security clash. Referers are by no means foolproof, but they are an important first line of defense in many Web apps. Weblogs and web boards are one example, but they are also important for image scripts which attempt to disallow remote linking. However, there are legitimate potential privacy issues with allowing a site to figure out what site its clients are coming from. The debate seems endless, and probably will be.
What I think really needs to happen is that referers should be blocked if the referer is in a different domain than the destination. That would preserve privacy -information that someone goes from one page on a site to another page on the same site is hardly a privacy violation- while allowing the security of referer-validation for Web apps which need it. Unfortunately, no browser or firewall that I know of allows this feature. Until then, I allow the sending of referers but carefully look at links before I click them; if I suspect that I do not want that kind of relationship drawn I will copy/paste the link URL rather than clicking on it, thus neatly sidestepping the referer issue.
This may be something you should consider too.
